Skip to content

This Symfony bundle serves as a tiny wrapper for the thenetworg/oauth2-azure package.

License

Notifications You must be signed in to change notification settings

m4n50n/oauth2_azure_bundle

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

OAuth 2.0 for Azure Bundle

Latest Stable Version License Total Downloads

This Symfony bundle serves as a tiny wrapper for the Azure Active Directory Provider for OAuth 2.0 Client. You can find additional documentation in the official repository.

Installation

Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:

symfony composer require m4n50n/oauth2-azure-bundle

Enable the Bundle

Enable the bundle by adding it to the list of registered bundles in the config/bundles.php file of your project.

// config/bundles.php

return [
    // ...    
    M4n50n\OAuth2AzureBundle\OAuth2AzureBundle::class => ['all' => true],
];

Configure the Bundle

Configure the bundle in the config/packages/oauth2_azure.yaml file:

# config/packages/oauth2_azure.yaml

o_auth2_azure:
  clientId: "%env(AUTH_CLIEN_ID)%"
  clientSecret: "%env(AUTH_CLIENT_PASS)%"
  tenant: "%env(AUTH_TENANT)%"
  redirectUri: "%env(AUTH_REDIRECT_URI)%"

  # Optional
  redirectToUrl: "%env(bool:AUTH_REDIRECT_TO_URL)%" # Activate redirect after authentication
  redirectUrl: "%env(AUTH_REDIRECT_URL)%" # URL to redirect after authentication
# .env

AUTH_CLIEN_ID="c3db02f0-401c-452c......"
AUTH_CLIENT_PASS="LfR8Q~yTXB5ozRejLrqE6oYqp......"
AUTH_TENANT="5fa120f8-1ee1-49e3-9b......"
AUTH_REDIRECT_URI="https://endpoint.com/api/login/azure"
AUTH_REDIRECT_TO_URL=true
AUTH_REDIRECT_URL="https://endpoint-client.com"

If you want the configuration / environment files to be created automatically inside your /config folder, you can include my private Symfony Flex recipes repository in your composer.json by adding the following configuration:

"extra": {
  "symfony": {
      "endpoint": [
          "https://api.github.com/repos/m4n50n/symfony_flex_recipes/contents/index.json",
          "flex://defaults"
      ]
  }
}

Usage

Inject OAuth2AzureFactory into your Service or Controller, and call the getAuth() method with Request as an argument.

If the redirectToUrl configuration parameter exists and has a true value, it will be redirected to the redirectUrl set after authentication. Otherwise, an AuthResponse object will be returned, containing the getOwnerData() method, which returns the data of the Azure-authenticated account.

use M4n50n\OAuth2AzureBundle\Factory\OAuth2AzureFactory;

final class LoginController extends AbstractController
{
    public function __construct(private OAuth2AzureFactory $OAuth2AzureFactory)
    {
    }

    #[Route(path: '/login/azure', name: 'login_azure', methods: ['GET'])]
    public function user_azureLoginRequest(JWTTokenManagerInterface $JWTManager, UserPasswordHasherInterface $userPasswordHasher)
    {
        try {
            // ...

            $auth = $this->OAuth2AzureFactory->getAuth($this->request);
            $ownerData = $auth->getOwnerData();

            /* It returns an array with the following structure:

            $ownerData = [
                "aud" => "c3db02f0-401c-452c......",
                "iss" => "https://login.microsoftonline.com/....../v2.0",
                "iat" => 1360114,
                "profileImage" => "", // base64_encode of the image binary
                "email":"[email protected]",
                "name":"Jose Garcia",
                
                // ... (other fields)
            ];              
            */

            // ...
        } catch (\Exception $exception) {
            // ...
        }

        // ...
    }
}

Methods

This wrapper defines the following methods:

  • Class OAuth2AzureFactory: getAuth() starts the user authentication flow.
  • Class OAuth2AzureFactory: getConfig() returns the entire bundle configuration object.
  • Class AuthResponse: isError() returns if there has been an error in the authentication process.

Contributing

See CONTRIBUTING for more information.

Security

See SECURITY for more information.

License

Please see the LICENSE included in this repository for a full copy of the MIT license, which this project is licensed under.